@friggframework/core 2.0.0-next.56 → 2.0.0-next.58

package/database/index.js

@@ -12,13 +12,14 @@
  * etc.
  */
 
-const { mongoose } = require('./mongoose');
-const { IndividualUser } = require('./models/IndividualUser');
-const { OrganizationUser } = require('./models/OrganizationUser');
-const { UserModel } = require('./models/UserModel');
-const { WebsocketConnection } = require('./models/WebsocketConnection');
+// Lazy-load mongoose to avoid importing mongodb when using PostgreSQL only
+let _mongoose = null;
+let _IndividualUser = null;
+let _OrganizationUser = null;
+let _UserModel = null;
+let _WebsocketConnection = null;
 
-// Prisma exports
+// Prisma exports (always available)
 const { prisma } = require('./prisma');
 const { TokenRepository } = require('../token/repositories/token-repository');
 const {
@@ -26,12 +27,38 @@ const {
 } = require('../websocket/repositories/websocket-connection-repository');
 
 module.exports = {
-    mongoose,
-    IndividualUser,
-    OrganizationUser,
-    UserModel,
-    WebsocketConnection,
-    // Prisma
+    // Lazy-loaded mongoose exports (only load when accessed)
+    get mongoose() {
+        if (!_mongoose) {
+            _mongoose = require('./mongoose').mongoose;
+        }
+        return _mongoose;
+    },
+    get IndividualUser() {
+        if (!_IndividualUser) {
+            _IndividualUser = require('./models/IndividualUser').IndividualUser;
+        }
+        return _IndividualUser;
+    },
+    get OrganizationUser() {
+        if (!_OrganizationUser) {
+            _OrganizationUser = require('./models/OrganizationUser').OrganizationUser;
+        }
+        return _OrganizationUser;
+    },
+    get UserModel() {
+        if (!_UserModel) {
+            _UserModel = require('./models/UserModel').UserModel;
+        }
+        return _UserModel;
+    },
+    get WebsocketConnection() {
+        if (!_WebsocketConnection) {
+            _WebsocketConnection = require('./models/WebsocketConnection').WebsocketConnection;
+        }
+        return _WebsocketConnection;
+    },
+    // Prisma (always available)
     prisma,
     TokenRepository,
     WebsocketConnectionRepository,

package/database/utils/prisma-runner.js

@@ -373,6 +373,76 @@ async function runPrismaDbPush(verbose = false, nonInteractive = false) {
     });
 }
 
+/**
+ * Runs Prisma migrate resolve to mark a migration as applied or rolled back
+ * @param {string} migrationName - Name of the migration to resolve (e.g., '20251112195422_update_user_unique_constraints')
+ * @param {'applied'|'rolled-back'} action - Whether to mark as applied or rolled back
+ * @param {boolean} verbose - Enable verbose output
+ * @returns {Promise<Object>} { success: boolean, output?: string, error?: string }
+ */
+async function runPrismaMigrateResolve(migrationName, action = 'applied', verbose = false) {
+    return new Promise((resolve) => {
+        try {
+            const schemaPath = getPrismaSchemaPath('postgresql');
+
+            // Get Prisma binary path (checks multiple locations)
+            const prismaBin = getPrismaBinaryPath();
+
+            // Determine args based on whether we're using direct binary or npx
+            const isDirectBinary = prismaBin !== 'npx prisma';
+            const args = isDirectBinary
+                ? ['migrate', 'resolve', `--${action}`, migrationName, '--schema', schemaPath]
+                : ['prisma', 'migrate', 'resolve', `--${action}`, migrationName, '--schema', schemaPath];
+
+            if (verbose) {
+                const displayCmd = isDirectBinary
+                    ? `${prismaBin} ${args.join(' ')}`
+                    : `npx ${args.join(' ')}`;
+                console.log(chalk.gray(`Running: ${displayCmd}`));
+            }
+
+            // Execute the command (prismaBin might be 'node /path/to/index.js' or 'npx prisma')
+            const [executable, ...executableArgs] = prismaBin.split(' ');
+            const fullArgs = [...executableArgs, ...args];
+
+            const proc = spawn(executable, fullArgs, {
+                stdio: 'inherit',
+                env: {
+                    ...process.env,
+                    PRISMA_HIDE_UPDATE_MESSAGE: '1'
+                }
+            });
+
+            proc.on('error', (error) => {
+                resolve({
+                    success: false,
+                    error: error.message
+                });
+            });
+
+            proc.on('close', (code) => {
+                if (code === 0) {
+                    resolve({
+                        success: true,
+                        output: `Migration ${migrationName} marked as ${action}`
+                    });
+                } else {
+                    resolve({
+                        success: false,
+                        error: `Resolve process exited with code ${code}`
+                    });
+                }
+            });
+
+        } catch (error) {
+            resolve({
+                success: false,
+                error: error.message
+            });
+        }
+    });
+}
+
 /**
  * Determines migration command based on STAGE environment variable
  * @param {string} stage - Stage from CLI option or environment
@@ -401,6 +471,7 @@ module.exports = {
     runPrismaGenerate,
     checkDatabaseState,
     runPrismaMigrate,
+    runPrismaMigrateResolve,
     runPrismaDbPush,
     getMigrationCommand
 };

package/handlers/backend-utils.js

@@ -92,13 +92,16 @@ const loadIntegrationForWebhook = async (integrationId) => {
         integrationId
     );
 
-    return await getIntegrationInstance.execute(
+    const instance = await getIntegrationInstance.execute(
         integrationId,
         integrationRecord.userId
     );
+
+    return instance;
 };
 
 const loadIntegrationForProcess = async (processId, integrationClass) => {
+
     const { processRepository, integrationRepository, moduleRepository } =
         initializeRepositories();
 
@@ -122,10 +125,12 @@ const loadIntegrationForProcess = async (processId, integrationClass) => {
         throw new Error(`Process not found: ${processId}`);
     }
 
-    return await getIntegrationInstance.execute(
+    const instance = await getIntegrationInstance.execute(
         process.integrationId,
         process.userId
     );
+
+    return instance;
 };
 
 const createQueueWorker = (integrationClass) => {
@@ -133,18 +138,19 @@ const createQueueWorker = (integrationClass) => {
         async _run(params, context) {
             try {
                 let integrationInstance;
-                if (
-                    params.event === 'ON_WEBHOOK' &&
-                    params.data?.integrationId
-                ) {
-                    integrationInstance = await loadIntegrationForWebhook(
-                        params.data.integrationId
-                    );
-                } else if (params.data?.processId) {
+
+                // Prioritize processId first (for sync handler compatibility),
+                // then integrationId (for ANY event type that needs hydration),
+                // fallback to unhydrated instance
+                if (params.data?.processId) {
                     integrationInstance = await loadIntegrationForProcess(
                         params.data.processId,
                         integrationClass
                     );
+                } else if (params.data?.integrationId) {
+                    integrationInstance = await loadIntegrationForWebhook(
+                        params.data.integrationId
+                    );
                 } else {
                     // Instantiates a DRY integration class without database records.
                     // There will be cases where we need to use helpers that the api modules can export.

package/handlers/routers/db-migration.js

@@ -235,6 +235,77 @@ router.get(
     })
 );
 
+/**
+ * POST /db-migrate/resolve
+ *
+ * Resolve a failed migration by marking it as applied or rolled back
+ *
+ * Request body:
+ * {
+ *   migrationName: string (e.g., '20251112195422_update_user_unique_constraints'),
+ *   action: 'applied' | 'rolled-back',
+ *   stage: string (optional, defaults to STAGE env var or 'production')
+ * }
+ *
+ * Response (200 OK):
+ * {
+ *   success: true,
+ *   message: string,
+ *   migrationName: string,
+ *   action: string
+ * }
+ */
+router.post(
+    '/db-migrate/resolve',
+    catchAsyncError(async (req, res) => {
+        const { migrationName, action = 'applied' } = req.body;
+
+        console.log(`Migration resolve request: migration=${migrationName}, action=${action}`);
+
+        // Validation
+        if (!migrationName) {
+            return res.status(400).json({
+                success: false,
+                error: 'migrationName is required'
+            });
+        }
+
+        if (!['applied', 'rolled-back'].includes(action)) {
+            return res.status(400).json({
+                success: false,
+                error: 'action must be either "applied" or "rolled-back"'
+            });
+        }
+
+        try {
+            // Import prismaRunner here to avoid circular dependencies
+            const prismaRunner = require('../../database/utils/prisma-runner');
+
+            const result = await prismaRunner.runPrismaMigrateResolve(migrationName, action, true);
+
+            if (!result.success) {
+                return res.status(500).json({
+                    success: false,
+                    error: `Failed to resolve migration: ${result.error}`
+                });
+            }
+
+            res.status(200).json({
+                success: true,
+                message: `Migration ${migrationName} marked as ${action}`,
+                migrationName,
+                action
+            });
+        } catch (error) {
+            console.error('Migration resolve failed:', error);
+            return res.status(500).json({
+                success: false,
+                error: error.message
+            });
+        }
+    })
+);
+
 // Minimal Lambda handler (avoids app-handler-helpers which loads core/index.js → user/**)
 const serverlessHttp = require('serverless-http');
 const express = require('express');
@@ -244,7 +315,7 @@ const app = express();
 app.use(cors());
 app.use(express.json());
 app.use(router);
-app.use((err, req, res, next) => {
+app.use((err, _req, res, _next) => {
     console.error('Migration Router Error:', err);
     res.status(500).json({ message: 'Internal Server Error' });
 });

package/integrations/integration-base.js

@@ -203,22 +203,53 @@ class IntegrationBase {
 
     /**
      * Returns the modules as object with keys as module names.
+     * Uses the keys from Definition.modules to attach modules correctly.
+     * 
+     * Example:
+     *   Definition.modules = { attio: {...}, quo: { definition: { getName: () => 'quo-attio' } } }
+     *   Module with getName()='quo-attio' gets attached as this.quo (not this['quo-attio'])
+     * 
      * @private
      * @param {Array} integrationModules - Array of module instances
      * @returns {Object} The modules object
      */
     _appendModules(integrationModules) {
         const modules = {};
+
+        // Build reverse mapping: definition.getName() → referenceKey
+        // e.g., 'quo-attio' → 'quo', 'attio' → 'attio'
+        const moduleNameToKey = {};
+        if (this.constructor.Definition?.modules) {
+            for (const [key, moduleConfig] of Object.entries(this.constructor.Definition.modules)) {
+                const definition = moduleConfig.definition;
+                if (definition) {
+                    // Use getName() if available, fallback to moduleName
+                    const definitionName = typeof definition.getName === 'function'
+                        ? definition.getName()
+                        : definition.moduleName;
+                    if (definitionName) {
+                        moduleNameToKey[definitionName] = key;
+                    }
+                }
+            }
+        }
+
         for (const module of integrationModules) {
-            const key =
+            const moduleName =
                 typeof module.getName === 'function'
                     ? module.getName()
                     : module.name;
+
+            // Use the reference key from Definition.modules if available,
+            // otherwise fall back to moduleName
+            const key = moduleNameToKey[moduleName] || moduleName;
+
             if (key) {
                 modules[key] = module;
                 this[key] = module;
             }
         }
+
         return modules;
     }
 
@@ -333,7 +364,6 @@ class IntegrationBase {
         return {};
     }
     async loadUserActions({ actionType } = {}) {
-        console.log('loadUserActions called with actionType:', actionType);
         const userActions = {};
         for (const [key, event] of Object.entries(this.events)) {
             if (event.type === constantsToBeMigrated.types.USER_ACTION) {
@@ -389,7 +419,6 @@ class IntegrationBase {
 
     async onWebhook({ data }) {
         // Default: no-op, integrations override this
-        console.log('Webhook received:', data);
     }
 
     async queueWebhook(data) {

package/integrations/integration-router.js

@@ -601,11 +601,10 @@ function setEntityRoutes(router, authenticateUser, useCases) {
     router.route('/api/entities/:entityId/test-auth').get(
         catchAsyncError(async (req, res) => {
             const user = await authenticateUser.execute(req);
-            const userId = user.getId();
             const params = checkRequiredParams(req.params, ['entityId']);
             const testAuthResponse = await testModuleAuth.execute(
                 params.entityId,
-                userId
+                user // Pass User object for proper validation
             );
 
             if (!testAuthResponse) {
@@ -614,7 +613,7 @@ function setEntityRoutes(router, authenticateUser, useCases) {
                     errors: [
                         {
                             title: 'Authentication Error',
-                            message: `There was an error with your ${module.getName()} Entity.  Please reconnect/re-authenticate, or reach out to Support for assistance.`,
+                            message: `There was an error with your Entity. Please reconnect/re-authenticate, or reach out to Support for assistance.`,
                             timestamp: Date.now(),
                         },
                     ],
@@ -628,9 +627,8 @@ function setEntityRoutes(router, authenticateUser, useCases) {
     router.route('/api/entities/:entityId').get(
         catchAsyncError(async (req, res) => {
             const user = await authenticateUser.execute(req);
-            const userId = user.getId();
             const params = checkRequiredParams(req.params, ['entityId']);
-            const module = await getModule.execute(params.entityId, userId);
+            const module = await getModule.execute(params.entityId, user); // Pass User object
 
             res.json(module);
         })
@@ -639,12 +637,11 @@ function setEntityRoutes(router, authenticateUser, useCases) {
     router.route('/api/entities/:entityId/options').post(
         catchAsyncError(async (req, res) => {
             const user = await authenticateUser.execute(req);
-            const userId = user.getId();
             const params = checkRequiredParams(req.params, ['entityId']);
 
             const entityOptions = await getEntityOptionsById.execute(
                 params.entityId,
-                userId
+                user // Pass User object
             );
 
             res.json(entityOptions);
@@ -654,11 +651,10 @@ function setEntityRoutes(router, authenticateUser, useCases) {
     router.route('/api/entities/:entityId/options/refresh').post(
         catchAsyncError(async (req, res) => {
             const user = await authenticateUser.execute(req);
-            const userId = user.getId();
             const params = checkRequiredParams(req.params, ['entityId']);
             const updatedOptions = await refreshEntityOptions.execute(
                 params.entityId,
-                userId,
+                user, // Pass User object
                 req.body
             );
 

package/modules/use-cases/get-entity-options-by-id.js

@@ -12,11 +12,18 @@ class GetEntityOptionsById {
     }
 
     /**
-     * Retrieve a Module instance for a given user and entity/module type.
-     * @param {string} userId
-     * @param {string} entityId
+     * Retrieve entity options for a given entity
+     *
+     * @param {string|number} entityId - Entity ID to retrieve options for
+     * @param {string|number|import('../../user/user').User} userIdOrUser - User ID or User object for validation
+     * @returns {Promise<Object>} Entity options
      */
-    async execute(entityId, userId) {
+    async execute(entityId, userIdOrUser) {
+        // Support both userId (backward compatible) and User object (new pattern)
+        const userId = typeof userIdOrUser === 'object' && userIdOrUser?.getId
+            ? userIdOrUser.getId()
+            : userIdOrUser;
+
         const entity = await this.moduleRepository.findEntityById(
             entityId,
             userId
@@ -26,7 +33,12 @@ class GetEntityOptionsById {
             throw new Error(`Entity ${entityId} not found`);
         }
 
-        if (entity.userId !== userId) {
+        // Validate entity ownership
+        const isOwned = typeof userIdOrUser === 'object' && userIdOrUser?.ownsUserId
+            ? userIdOrUser.ownsUserId(entity.userId)
+            : entity.userId?.toString() === userId?.toString();
+
+        if (!isOwned) {
             throw new Error(
                 `Entity ${entityId} does not belong to user ${userId}`
             );

package/modules/use-cases/get-module.js

@@ -6,7 +6,19 @@ class GetModule {
         this.moduleDefinitions = moduleDefinitions;
     }
 
-    async execute(entityId, userId) {
+    /**
+     * Get module instance for an entity
+     *
+     * @param {string|number} entityId - Entity ID to retrieve
+     * @param {string|number|import('../../user/user').User} userIdOrUser - User ID or User object for validation
+     * @returns {Promise<Object>} Module details
+     */
+    async execute(entityId, userIdOrUser) {
+        // Support both userId (backward compatible) and User object (new pattern)
+        const userId = typeof userIdOrUser === 'object' && userIdOrUser?.getId
+            ? userIdOrUser.getId()
+            : userIdOrUser;
+
         const entity = await this.moduleRepository.findEntityById(
             entityId,
             userId
@@ -16,7 +28,14 @@ class GetModule {
             throw new Error(`Entity ${entityId} not found`);
         }
 
-        if (entity.userId !== userId) {
+        // Validate entity ownership
+        // If User object provided, use ownsUserId to check linked users
+        // Otherwise fall back to simple equality check
+        const isOwned = typeof userIdOrUser === 'object' && userIdOrUser?.ownsUserId
+            ? userIdOrUser.ownsUserId(entity.userId)
+            : entity.userId?.toString() === userId?.toString();
+
+        if (!isOwned) {
             throw new Error(
                 `Entity ${entityId} does not belong to user ${userId}`
             );

package/modules/use-cases/process-authorization-callback.js

@@ -100,9 +100,20 @@ class ProcessAuthorizationCallback {
     async findOrCreateEntity(entityDetails, moduleName, credentialId) {
         const { identifiers, details } = entityDetails;
 
+        // Support both 'user' and 'userId' field names from module definitions
+        // Some modules use 'user' (legacy), others use 'userId' (newer pattern)
+        const userId = identifiers.user || identifiers.userId;
+
+        if (!userId) {
+            throw new Error(
+                `Module definition for ${moduleName} must return 'user' or 'userId' in identifiers from getEntityDetails(). ` +
+                    `Without userId, entity lookup would match across all users (security issue).`
+            );
+        }
+
         const existingEntity = await this.moduleRepository.findEntity({
             externalId: identifiers.externalId,
-            user: identifiers.user,
+            user: userId,
             moduleName: moduleName,
         });
 

package/modules/use-cases/refresh-entity-options.js

@@ -12,11 +12,19 @@ class RefreshEntityOptions {
     }
 
     /**
-     * Retrieve a Module instance for a given user and entity/module type.
-     * @param {string} userId
-     * @param {string} entityId
+     * Refresh entity options for a given entity
+     *
+     * @param {string|number} entityId - Entity ID to refresh
+     * @param {string|number|import('../../user/user').User} userIdOrUser - User ID or User object for validation
+     * @param {Object} options - Refresh options
+     * @returns {Promise<Object>} Updated entity options
      */
-    async execute(entityId, userId, options) {
+    async execute(entityId, userIdOrUser, options) {
+        // Support both userId (backward compatible) and User object (new pattern)
+        const userId = typeof userIdOrUser === 'object' && userIdOrUser?.getId
+            ? userIdOrUser.getId()
+            : userIdOrUser;
+
         const entity = await this.moduleRepository.findEntityById(
             entityId,
             userId
@@ -26,7 +34,12 @@ class RefreshEntityOptions {
             throw new Error(`Entity ${entityId} not found`);
         }
 
-        if (entity.userId !== userId) {
+        // Validate entity ownership
+        const isOwned = typeof userIdOrUser === 'object' && userIdOrUser?.ownsUserId
+            ? userIdOrUser.ownsUserId(entity.userId)
+            : entity.userId?.toString() === userId?.toString();
+
+        if (!isOwned) {
             throw new Error(
                 `Entity ${entityId} does not belong to user ${userId}`
             );

package/modules/use-cases/test-module-auth.js

@@ -11,7 +11,19 @@ class TestModuleAuth {
         this.moduleDefinitions = moduleDefinitions;
     }
 
-    async execute(entityId, userId) {
+    /**
+     * Test authentication for a module entity
+     *
+     * @param {string|number} entityId - Entity ID to test
+     * @param {string|number|import('../../user/user').User} userIdOrUser - User ID or User object for validation
+     * @returns {Promise<boolean>} Authentication test result
+     */
+    async execute(entityId, userIdOrUser) {
+        // Support both userId (backward compatible) and User object (new pattern)
+        const userId = typeof userIdOrUser === 'object' && userIdOrUser?.getId
+            ? userIdOrUser.getId()
+            : userIdOrUser;
+
         const entity = await this.moduleRepository.findEntityById(
             entityId,
             userId
@@ -21,7 +33,12 @@ class TestModuleAuth {
             throw new Error(`Entity ${entityId} not found`);
         }
 
-        if (entity.userId !== userId) {
+        // Validate entity ownership
+        const isOwned = typeof userIdOrUser === 'object' && userIdOrUser?.ownsUserId
+            ? userIdOrUser.ownsUserId(entity.userId)
+            : entity.userId?.toString() === userId?.toString();
+
+        if (!isOwned) {
             throw new Error(
                 `Entity ${entityId} does not belong to user ${userId}`
             );

package/package.json

@@ -1,7 +1,7 @@
 {
     "name": "@friggframework/core",
     "prettier": "@friggframework/prettier-config",
-    "version": "2.0.0-next.56",
+    "version": "2.0.0-next.58",
     "dependencies": {
         "@aws-sdk/client-apigatewaymanagementapi": "^3.588.0",
         "@aws-sdk/client-kms": "^3.588.0",
@@ -38,9 +38,9 @@
         }
     },
     "devDependencies": {
-        "@friggframework/eslint-config": "2.0.0-next.56",
-        "@friggframework/prettier-config": "2.0.0-next.56",
-        "@friggframework/test": "2.0.0-next.56",
+        "@friggframework/eslint-config": "2.0.0-next.58",
+        "@friggframework/prettier-config": "2.0.0-next.58",
+        "@friggframework/test": "2.0.0-next.58",
         "@prisma/client": "^6.17.0",
         "@types/lodash": "4.17.15",
         "@typescript-eslint/eslint-plugin": "^8.0.0",
@@ -80,5 +80,5 @@
     "publishConfig": {
         "access": "public"
     },
-    "gitHead": "5551318d5c45913810a6b03a5ea19c72b5c4cb2f"
+    "gitHead": "bfd8911703e8d407435ba89556fd9b0fde5d22ac"
 }